Skip to content

Security: SahirVhora/sf-object-sync

Security

SECURITY.md

Security Policy

Supported Versions

This project is actively maintained. Security updates are applied to the latest release.

Reporting a Vulnerability

If you discover a security vulnerability, please report it responsibly.

Do NOT open a public issue.

Instead, email sahir.vhora@gmail.com with:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Suggested fix (if any)

What to Expect

  • Acknowledgement within 48 hours
  • Assessment of severity and impact
  • Timeline for fix disclosure
  • Credit in release notes (unless you prefer anonymity)

Security Best Practices

  • Keep dependencies updated (Dependabot enabled)
  • Never commit secrets, API keys, or credentials
  • Use environment variables for configuration
  • Review PRs for security implications

Security Updates

Security fixes are released as patch versions. Subscribe to releases to be notified of updates.

There aren't any published security advisories